iangcarroll / cookiemonsterLinks
πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
β953Updated 11 months ago
Alternatives and similar repositories for cookiemonster
Users that are interested in cookiemonster are comparing it to the libraries listed below
Sorting:
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,269Updated 4 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,001Updated last year
- bypass-url-parserβ1,104Updated this week
- The most exhaustive list of reliable DNS resolvers.β908Updated this week
- Obtain GraphQL API schema even if the introspection is disabledβ1,319Updated last week
- Go client to communicate with Chaos DB API.β799Updated last week
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,703Updated last year
- Scrape domain names from SSL certificates of arbitrary hostsβ689Updated last year
- Tool to check for dependency confusion vulnerabilities in multiple package management systemsβ770Updated last year
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,534Updated last week
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,228Updated 2 weeks ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ935Updated 3 years ago
- Making Favicon.ico based Recon Great again !β1,250Updated 2 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,059Updated 3 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,027Updated 3 months ago
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ850Updated 3 years ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β764Updated 3 years ago
- An IIS short filename enumeration toolβ1,033Updated last year
- Free, libre, effective, and data-driven wordlists for all!β641Updated 4 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β970Updated last year
- Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a β¦β1,522Updated last week
- Fetches javascript file from a list of URLS or subdomains.β817Updated 4 months ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,031Updated 11 months ago
- β525Updated 2 weeks ago
- a javascript change monitoring tool for bugbountiesβ697Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ637Updated 5 months ago
- Golang client for querying SecurityTrails API dataβ574Updated 2 years ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β773Updated 6 months ago
- declutters url lists for crawling/pentestingβ1,495Updated 9 months ago
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given targetβ1,434Updated last month